Application Security Tester - Assistant Manager
Job description
As an Application Security Tester on this team, you'll help build and support deployed tooling that improves how our member firms find, understand and fix application vulnerabilities. You'll split your time between hands-on security testing, improving automation and tooling, and working with internal teams to turn technical findings into clear, actionable remediation guidance for our global network and to teach development teams about secure coding and DevSecOps practices.
- Support operational processes, rules of engagement and methodologies to deliver quality code analysis and DevSecOps automation services to Deloitte's global network
- Ensure deliverables are of high quality and provide practical intelligence to help member firms remediate the vulnerabilities identified
- Execute security testing or support of automated mechanisms
- Curate application security vulnerability data generated from application testing tools and provide concise and digestible remediation paths for member firms
- Escalate key risks and issues that need special attention or are urgent to the Automated Application Testing Delivery Manager
- Ability to both read and write in at least one development language
- Experience with DAST, SAST, SCA, container security, process automation, or robotics processing is a significant benefit
- Work closely with the operations team to ensure appropriate customer-facing documentation and communications are in place to facilitate effective entry points and service offerings
- Support member firm liaisons with member firm and DTTL management and technical teams to ensure they are consuming all the offered Services within the Risk Management group across the globe and to ensure member firm expectations are being met
- Collaborate with the Global Cyber group to understand trends, issues and risks and to exchange expertise
Requirements
- Bachelor's degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education experience
- Experience in application testing
- Experience with validation of scan results from the following testing tools would be of benefit: Snyk, Fortify, Contrast, Checkmarx, or Veracode
- Strong ability to explain to development teams how to use secure coding techniques
- Ability to convey technical risks to business managers and executives
- Experience with managing and configuring scanning tools with DevOps and CI/CD systems hosted in a cloud environment
- Experience working with a variety of cultures across the globe, with the patience, understanding, and empathy to work collaboratively and effectively
- Knowledge and ability to accurately describe the OWASP Top 10 most common web application, open source, and LLM application security vulnerabilities found in most applications
About the company
Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.